SEARCH
Archive
Flaws on Nucleus TCP/IP Stack Impact Safety-Critical Devices
Siemens has issued patches after a set of 13 vulnerabilities was discovered in the Nucleus TCP/IP stack.
Attackers Exploit ManageEngine Flaw to Steal Sensitive Data
A known, critical-severity flaw in ManageEngine ADSelfService Plus is under attack by bad actors who are leveraging it to execute a novel credential-theft tool on victims' networks.
Exploits Circulating for Windows MSHTML Zero Day
Some proof-of-concept exploits have begun circulating for CVE-2021-40444 and no patch is yet available.
Attackers Exploiting Critical Flaw in Zoho Password Management Tool
Attackers are exploiting an authentication bypass flaw in Zoho's ManageEngine ADSelfService Plus password management app.
Apple Fixes MacOS Flaw Abused in XCSSET Malware Attacks
Researchers uncovered a flaw in macOS that could allow attackers to access permissions, like screen recording, on victim devices - without their approval.